CVE-2025-6431 – “Firefox for Android External Application Bypass Vulnerability”

June 24, 2025

CVE ID : CVE-2025-6431

Published : June 24, 2025, 1:15 p.m. | 1 hour, 23 minutes ago

Description : When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications.
*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox
Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6433 – “Firefox WebAuthn TLS Certificate Exception Vulnerability”

Next Article CVE-2025-6436 – “Mozilla Firefox Memory Corruption Vulnerability”

Highlights

CVE-2025-4779 – Lunary Ai Lunary Stored Cross-Site Scripting (XSS)

July 7, 2025

CVE ID : CVE-2025-4779

Published : July 7, 2025, 10:15 a.m. | 3 hours, 29 minutes ago

Description : lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An unauthenticated attacker can inject malicious JavaScript into the `v1/runs/ingest` endpoint by adding an empty `citations` field, triggering a code path where `dangerouslySetInnerHTML` is used to render attacker-controlled text. This vulnerability allows the execution of arbitrary JavaScript in the context of the user’s browser, potentially leading to session hijacking, data theft, or other malicious actions.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-6431 – “Firefox for Android External Application Bypass Vulnerability”

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-34130 – LILIN Digital Video Recorder (DVR) Unauthenticated Arbitrary File Read Vulnerability

Live Agent Transfer in Copilot Studio Using D365 Omnichannel – Step-by-Step Implementation

First $1B business with one human employee will happen in 2026, says Anthropic CEO

Why the Pixel 10 is making this longtime iPhone user reconsider their next phone

CVE-2025-4779 – Lunary Ai Lunary Stored Cross-Site Scripting (XSS)

ICANN computers compromised by hackers

CVE-2025-1731 – “USG FLEX H series PostgreSQL Command Privilege Escalation Vulnerability”

Garmin unveils its Apple Ultra Watch 2 competitor, the Venu X1

CVE-2025-6431 – “Firefox for Android External Application Bypass Vulnerability”

Related Posts